Two-Factor Authentication At Risk From Android Malware

Many users across the world encounter their email or social networking account being compromised by someone who has not been given permission to use it, while many other users also have important and very personal information such as credit card and Social Security content stolen from them. With online theft rising, smartphones are becoming an increasingly popular way for transporting your personal information, so it is only natural for criminals to aim their efforts at Android or other operating systems alike.

Malware, which is software that is used to damage or intend to disable computing systems of all kinds, is starting to find its way on more personal devices. One of the more recent and scary malware programs called Android.Bankosy is stealing bank and credit card information from its victims by compromising their device. What’s perhaps even scarier, the malware program has now been updated and can steal one-time passcodes via phone calls or text messages. One-time passcodes have become increasingly more popular with banks using this procedure to make it even harder for criminals to gain access to your personal banking information. Used for two-factor authentication, one-time passcodes are being intercepted by the trojan horse malware and are being used to gain access to your banking system where the attackers can then proceed to wipe your funds. This is a problem as most banks are starting to use the two-factor authentication process via phone more than they are using text messages, simply because text messages are easier to intercept but as we are now learning, this is not the case.

After Android.Bankosy was updated, attackers can now forward all calls directly to them. The malware will also allow them to even disable or enable your devices silent mode, therefore allowing them to sneak incoming calls right by you without you even noticing there ever was a call. Symantec, which is a company that helps people and other organizations protect their information through antivirus apps like their own Norton Security, is asking users to follow some procedures to further protect their vulnerability. They simply ask you to ensure your software is kept up to date and to always refrain from downloading unfamiliar apps from sites you do not know. Only install apps that are from sources you know can be trusted and to always pay close attention to an app’s permission requests. Steps like these as well as installing a mobile security app will always help you take one step closer to ensuring you personal information is better protected.